Docker is a open source container program that performs operating-system-level virtualization. Docker currently provides three products Enterprise Edition(EE)
、Community Edition(CE)
and Cloud
. This article documents how to install and configure Docker CE in GNU/Linux, then implement the entire process through Shell script.
Official Site
Relevant official site of Docker
Site | Website |
---|---|
Official Site | https://www.docker.com |
GitHub | https://github.com/docker |
Documentation | https://docs.docker.com |
Blog | https://blog.docker.com |
https://twitter.com/docker | |
Youtube | https://www.youtube.com/user/dockerrun |
Docker Hub | https://hub.docker.com |
Docker Store | https://store.docker.com |
Tutorials
Docker provides some tutorials in its Github repository. If you’re a newbie, it may be useful for you to learn Docker.
Official tutorials of Docker
If you wanna learn more, please read its official document site.
Introduction
Architecture
Docker uses a client-server architecture. The Docker client talks to the Docker daemon, which does the heavy lifting of building, running, and distributing your Docker containers. Both the Docker client and the daemon can run on the same system, or you can connect a Docker client to a remote Docker daemon. The Docker client and daemon communicate via sockets or through a RESTful API. — Understand the architecture
More info about Docker, please read Docker overview
VS Virtual Machine
Docker Container is a methos of virtualization, but it is different from virtual machine
, such as Vagrant.
virtual machine
Each virtual machine includes the application, the necessary binaries and libraries and an entire guest operating system - all of which may be tens of GBs in size.
container
Containers include the application and all of its dependencies, but share the kernel with other containers. They run as an isolated process in userspace on the host operating system. They’re also not tied to any specific infrastructure – Docker containers run on any computer, on any infrastructure and in any cloud.
The following pictures are from What is a Container?.
Virtual Machines
Old picture
New picture
Containers
Old picture
New picture
Containers and Virtual Machines Together
OS requirements
- OS must be 64-bit;
- Linux kernel version at least 3.10;
iptables
version at least 1.4;
More details in Install Docker CE from binaries。
The following can be used to check if the running system is 64-bit (x86_64
).
Docker Product
Docker currently has 3 products, more details in Install Docker。
- Docker Enterprise Edition (Docker EE)
- Docker Community Edition (Docker CE)
- Stable (release per quarter)
- Edge (release per month)
- Docker Cloud
Docker CE
and Docker EE
supper different distributions.
Platform | Docker EE | Docker CE |
---|---|---|
RHEL | Y | |
CentOS | Y | Y |
Fedora | Y | |
Oracle Linux | Y | |
Debian | Y | |
Ubuntu | Y | Y |
SLES | Y |
See also Docker Cloud for setup instructions for
Digital Ocean
,Packet
,SoftLink
, or Bring Your Own Cloud.
Installation
For RHEL
、Oracle Linux
、SLES
, it can only install Docker EE
which needs to register Docker Store first.
This document is focus on Docker CE
which is just support CentOS/Fedora
、Debian/Ubuntu
.
Docker provides official installation document Install Docker Engine:
Complete distro release version which are supported by Docker CE
Distro | Version |
---|---|
CentOS | 7 |
Debian | Buster 10 (Docker CE 17.11 Edge only) |
Debian | Stretch 9 |
Debian | Jessie 8 |
Debian | Wheezy 7 |
Ubuntu | Artful 17.10 (Docker CE 17.11 Edge and higher only) |
Ubuntu | Zesty 17.04 |
Ubuntu | Xenial 16.04 |
Ubuntu | Trusty 14.04 |
CentOS
Install Docker
|
|
Uninstall Docker
|
|
執行yum install docker-ce
提示的GPG信息
|
|
Debian/Ubuntu
Install Docker
The difference between Ubuntu and Debian
- different package dependencies
- different distribution name, codename
|
|
Uninstall Docker
|
|
Start Docker Daemon
Start docker service
|
|
Post-installation Configuration
Post-installation steps for Linux
Manage Docker As A Non-root User
Manage Docker as a non-root user
The docker daemon binds to a Unix socket instead of a TCP port. By default that Unix socket is owned by the user
root
and other users can only access it usingsudo
. The docker daemon always runs as theroot
user.
If you don’t want to use sudo
when you use the docker command, create a Unix group called docker
and add users to it. When the docker daemon starts, it makes the ownership of the Unix socket read/writable by the docker
group.
Warning: The docker
group grants privileges equivalent to the root
user. For details on how this impacts security in your system, see Docker Daemon Attack Surface.
Docker Daemon Attack Surface
- only trusted users should be allowed to control your Docker daemon
- if you run Docker on a server, it is recommended to run exclusively Docker on the server, and move all other services within containers controlled by Docker.
|
|
Access Remote API Through A Firewall
Allow access to the remote API through a firewall
If you run a firewall on the same host as you run Docker and you want to access the Docker Remote API from another host and remote access is enabled, you need to configure your firewall to allow incoming connections on the Docker port, which defaults to
2376
if TLS encrypted transport is enabled or2375
otherwise.
Shell Script
Shell script is hosted on GitLab, usage info
|
|
Error Occuring
image has dependent child images
Fail to use command docker rmi
to remove image whose tag name is <none>
Error response from daemon: conflict: unable to delete 978d85d02b87 (cannot be forced) - image has dependent child images
docker how can I get the list of dependent child images?
|
|
Solving it via deleting file begins with 978d85d02b87
|
|
Change Logs
- 2016.04.04 11:30 Thu Asia/Beijing
- 初稿完成
- 2017.03.02 15:44 Thu Asia/Shanghai
- 文檔重構
- 2017.03.03 16:49 Fri Asia/Shanghai
- Docker官方文檔更新(分
Docker EE
、Docker CE
、Docker Cloud
),文檔重構
- Docker官方文檔更新(分
- 2017.04.07 09:50 Fri Asia/Shanghai
- 添加
Error Occuring
->image has dependent child images
- 添加
- 2017.09.08 08:31 Fri Asia/Shanghai
- 添加
/var/lib/docker/image/overlay2/imagedb/content/sha256
- 添加
- 2018.04.11 11:41 Wed America/Boston
- 更新文檔鏈接,勘誤,遷移到新Blog